To cope with that sort of requirements, I enhanced Access.pm so that TWiki variables in ALLOWWEBVIEW, DENYWEBVIEW, etc. are expanded.

Set ALLOWWEBVIEW = %SOME_TWIKI_VARIALBE% ...

It's a bit tricky to use but can achieve a similar goal. With that enhancement, you would have a topic naming convention where a set of topics starts with a certain string. And topics starting with that string would be restricted. How does this sound?

We use a strict naming convention for topic. for example all topics dealing with a project start withe project id, but permission might differ among them. For example in project documentation not every is allowed to see the the financial status, or other confidential stuff

Naming convention is not the only way to achieve your access restriction goal under my scenario. You can use a parent topic for access restriction by having %META{"parent" format="$topic"}% in ALLOWWEBVIEW.